Define multi-core specific memory check in Isolation Level 2 policy and APIs
Open, Needs TriagePublic
Actions

Description

It is unlikely that the secure core can still support CMSE functions in multi-core topology. Thus it requires a specific memory check to replace CMSE memory check functions.
Multi-core specific memory check in Isolation level 2 should complete the following checks

region valid/invalid
Secure/Non-secure check
Privileged/Un-privileged permission check
Read-only/Read-write check
platform specific attribution check if necessary.

The policy and sequence should be kept aligned with the check in single Armv8-M.
APIs should be defined and exported to multi-core topology platform.

Existing memory check in TF-M master branch may be also adjusted since memory check can be more strict in multi-core topology on partner platform.

Event Timeline

davidhuziji created this task.Jul 15 2019, 8:04 AM

davidhuziji moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

Propose a patch https://review.trustedfirmware.org/c/trusted-firmware-m/+/1718 to split memory check process from other common secure APIs. Thus single Armv8-M and multi-core scenario can implement own process.

davidhuziji moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Aug 12 2019, 2:16 AM

davidhuziji moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Sep 6 2019, 5:14 AM

Define multi-core specific memory check in Isolation Level 2 policy and APIsOpen, Needs TriagePublicActions

Description

Event Timeline

Define multi-core specific memory check in Isolation Level 2 policy and APIs
Open, Needs TriagePublic
Actions